Sources for Installed Collectors
You can configure a variety of Sources on Installed Collectors.
In this section, we'll introduce the following concepts:
📄️ Collect Forwarded Events from a Windows Event Collector
Use a Windows Event Source to collect forwarded events from a Windows Event Collector.
📄️ Docker Sources
Configure a Docker Logs or Docker Stats Source.
📄️ Host Metrics Source
An installed Sumo Logic Collector can collect host metrics from a local host.
📄️ Local File Source
Create a Local File Source to collect log messages from the same machine where a Collector is installed.
📄️ Local Windows Event Log Source
You can collect local events from the Windows Events Viewer.
📄️ Windows Event Source Custom Channels
Find Windows event channels to collect with a Local Windows Event Source.
📄️ Local Windows Performance Monitor Log Source
Collect local performance data from the Windows Performance Monitor.
📄️ Streaming Metrics Source
Add a streaming metric source to an installed collector to collect Graphite, Carbon 2.0, or Prometheus metrics.
📄️ Syslog Source
The Syslog Source obtains syslog messages by listening on a designated port.
📄️ Define Boundary Regex for Multiline Messages
By default, Sumo Logic Sources have multiline processing enabled, which is useful when logs contain messages that span multiple lines separated by line breaks, such as a stack trace.
📄️ Preconfigure a Machine to Collect Remote Windows Events
You can configure a system for remote access by a Remote Windows Event Log Source.
📄️ Preconfigure a Machine to Collect Remote Windows Performance Monitoring Logs
You can configure a system for remote access by a Remote Windows Performance Monitoring Log Source.
📄️ Windows Active Directory Inventory Source
A Windows Active Directory Inventory Source collects inventory data from Active Directory Database.
📄️ Remote Windows Event Log Source
Collect Windows event logs from a remote machine.
📄️ Remote Windows Performance Monitor Log Source
Set up a Remote Windows Performance Monitor Log Source to collect remote performance data from Windows Performance Monitor.
📄️ Script Action
A Script Action receives data uploads that are triggered by a scheduled search.
🗃️ Remote File Source
2 items
🗃️ Script Source
3 items